Getting Data Protection ready


It’s been pretty difficult to get away from all the noise around GDPR this month. The deadline has passed and GDPR is now in full effect, but what does that mean to you?

For many businesses & charities who rely on the general public; be it for sales, referrals and even donations, they’re now faced with a ‘start again’ approach to all the meticulous hard work they have put into building up their databases. Under new GDPR rules, if organisations didn’t get a specific opt-in from an individual, before the 25th of May, it is now unlawful to contact them and those who break that will face pretty hefty fines. In some cases, we’re talking up to £17.5m or 4% of global revenue.

So, what can you do?

Everyone will be affected, so you’re not on your own.

Secondly, swot up. There are tonnes of information out there that can help you understand what you need to do, implement, safeguard and comply with. Our advice would be to go to reputable institutions in your sector, who have all written specific guides on what you need to do. But understand that, in simple terms, if you are looking to contact an individual and are not sure that they have given you explicit permission to contact them, don’t.

Where it becomes a little tricky is if you’re contacting people at work, reaching out to businesses with cold leads. The new GDPR data protection laws still protect those individuals but there Is a somewhat grey area around approaching individuals in a business capacity – so make sure you check before you fire off an email or a mass marketing campaign using your data.

GDPR also extends to how organisations hold and process data. In recent months we’ve had so many scandals, including the Facebook/Cambridge Analytica incident, where it was suggested up to 40million people’s data has been harvested and used from Facebook. This is just one example of how organisations have been scraping and sharing data since the beginning of the internet. 10 years ago, it was easy for an organisation to get their hands on your data and use it how they wished, but now GDPR is putting a stop to that. There are plenty of ways that you can implement a robust strategy and comply, we’ve added some helpful links below.

But, GDPR is a double-edged sword. One the one hand, you now personally won’t be bombarded with millions of emails on a daily basis from something you might have signed up to a year ago, and if you’re anything like me (D&G’s Marketing Manager), I start my day with a cuppa and a constant finger on my email delete button. Win!
But on the other hand, if you work in a business or industry that relies on contacting an individual to promote your business or cause, you’re going to have to start from scratch and build up your database again.
But don’t despair – this legislation has been put in place to protect us in an ever growing and interdependence on the digital space. Most of us upload our lives onto the internet with very little regard for how that data can be used. What may seem catastrophic for businesses and charities in the short run, will turn out to be incredibly valuable to our online safety in years to come.

Here at D&G Group, we take our customers data incredibly seriously and have put high levels of security in place to ensure we meet with GDPR. We are committed to high standards of information security, privacy, and transparency and you can view our data protection policies here.

Helpful resources:

ICO: Preparing for GDPR

Charities: IoF 

D&G Group